package com.u2ds.core.security.shiro;

import java.util.Collection;
import java.util.LinkedHashSet;

import javax.annotation.PostConstruct;

import com.u2ds.core.entity.SysUsers;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;

import com.u2ds.core.security.UserLoginInfo;

@Component
@ConditionalOnProperty(prefix = "shiro", name = "enabled", matchIfMissing = true)
@ConfigurationProperties(prefix = "shiro.realm")
public class UserLoginRealm extends JdbcRealm {
	private static final Logger log = LoggerFactory.getLogger(UserLoginRealm.class);
	
	@Autowired
	private DefaultWebSecurityManager securityManager;

	@PostConstruct
	public void setToSecurityManager(){
		Collection<Realm> rs = securityManager.getRealms();
		if(null == rs){
			securityManager.setRealm(this);
		}else{
			rs.add(this);
			securityManager.setRealms(rs);
		}
	}
	
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		final UserLoginInfo<?> user = (UserLoginInfo<?>) principals.getPrimaryPrincipal();
		if (user == null) {
			throw new UnknownAccountException("Account does not exist");
		}

		final SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		if (user.getRoles() != null) {
			info.setRoles(new LinkedHashSet<String>());
		}

		if (user.getPermissions() != null) {
			info.setStringPermissions(new LinkedHashSet<String>(user.getPermissions()));
		}

		return info;
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
//        加密后的字符串
		UsernamePasswordToken credentials = (UsernamePasswordToken) token;
		final String username = credentials.getUsername();
		final String password = String.valueOf(credentials.getPassword());
		if (username == null) {
			throw new UnknownAccountException("Username not provided");
		}

		final SysUsers user;
		try {
//			UserAccount account = userAccountService.findUniqueByParams(Condition.build().add("userName", username));
			SysUsers account = new SysUsers();
			user = account;
//			account.setUsername(username);
//			account.setPassword(password);
//			user = sysUsersService.selectOne(account);
		} catch (RuntimeException e) {
			log.error(e.getLocalizedMessage(), e);

			throw e;
		}

		if (user == null) {
			throw new UnknownAccountException("Account does not exist");
		}
		return new SimpleAuthenticationInfo(user, user.getPassword(), getName());
	}

}
